linux/net/bridge
Nikolay Aleksandrov 31a4562d74 net: bridge: fix dest lookup when vlan proto doesn't match
With 802.1ad support the vlan_ingress code started checking for vlan
protocol mismatch which causes the current tag to be inserted and the
bridge vlan protocol & pvid to be set. The vlan tag insertion changes
the skb mac_header and thus the lookup mac dest pointer which was loaded
prior to calling br_allowed_ingress in br_handle_frame_finish is VLAN_HLEN
bytes off now, pointing to the last two bytes of the destination mac and
the first four of the source mac causing lookups to always fail and
broadcasting all such packets to all ports. Same thing happens for locally
originated packets when passing via br_dev_xmit. So load the dest pointer
after the vlan checks and possible skb change.

Fixes: 8580e2117c ("bridge: Prepare for 802.1ad vlan filtering support")
Reported-by: Anitha Narasimha Murthy <anitha@cumulusnetworks.com>
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Acked-by: Toshiaki Makita <makita.toshiaki@lab.ntt.co.jp>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-07-14 08:19:23 -07:00
..
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2017-07-06 14:02:22 +01:00
Kconfig bridge: Add vlan filtering infrastructure 2013-02-13 19:41:46 -05:00
Makefile bridge: per vlan dst_metadata netlink support 2017-02-03 15:21:22 -05:00
br.c net: bridge: Receive notification about successful FDB offload 2017-06-08 14:16:25 -04:00
br_device.c net: bridge: fix dest lookup when vlan proto doesn't match 2017-07-14 08:19:23 -07:00
br_fdb.c bridge: allow ext learned entries to change ports 2017-07-04 01:49:44 -07:00
br_forward.c bridge: add per-port broadcast flood flag 2017-04-27 16:34:29 -04:00
br_if.c bridge: Export VLAN filtering state 2017-05-26 15:18:44 -04:00
br_input.c net: bridge: fix dest lookup when vlan proto doesn't match 2017-07-14 08:19:23 -07:00
br_ioctl.c bridge: move to workqueue gc 2017-02-06 22:53:13 -05:00
br_mdb.c bridge: mdb: fix leak on complete_info ptr on fail path 2017-07-11 20:01:39 -07:00
br_multicast.c bridge: Export multicast enabled state 2017-05-26 15:18:44 -04:00
br_netfilter_hooks.c net: convert nf_bridge_info.use from atomic_t to refcount_t 2017-07-01 07:39:07 -07:00
br_netfilter_ipv6.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
br_netlink.c net: add netlink_ext_ack argument to rtnl_link_ops.slave_changelink 2017-06-26 23:13:22 -04:00
br_netlink_tunnel.c netlink: pass extended ACK struct to parsing functions 2017-04-13 13:58:22 -04:00
br_nf_core.c net: Remove protocol from struct dst_ops 2015-03-09 16:06:10 -04:00
br_private.h net, bridge: convert net_bridge_vlan.refcnt from atomic_t to refcount_t 2017-07-04 22:35:16 +01:00
br_private_stp.h net: bridge: add helper to set topology change 2016-12-10 21:27:23 -05:00
br_private_tunnel.h bridge: vlan dst_metadata hooks in ingress and egress paths 2017-02-03 15:21:22 -05:00
br_stp.c bridge: move to workqueue gc 2017-02-06 22:53:13 -05:00
br_stp_bpdu.c net: introduce __skb_put_[zero, data, u8] 2017-06-20 13:30:14 -04:00
br_stp_if.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-06-06 22:20:08 -04:00
br_stp_timer.c bridge: start hello_timer when enabling KERNEL_STP in br_stp_start 2017-05-21 13:33:28 -04:00
br_switchdev.c net: bridge: Add support for notifying devices about FDB add/del 2017-06-08 14:16:25 -04:00
br_sysfs_br.c net: bridge: constify attribute_group structures. 2017-06-29 15:48:52 -04:00
br_sysfs_if.c bridge: add per-port broadcast flood flag 2017-04-27 16:34:29 -04:00
br_vlan.c net, bridge: convert net_bridge_vlan.refcnt from atomic_t to refcount_t 2017-07-04 22:35:16 +01:00
br_vlan_tunnel.c bridge: vlan_tunnel: explicitly reset metadata attrs to NULL on failure 2017-02-17 13:33:41 -05:00